package com.ygsoft.tianlu_mall.security;

import com.ygsoft.tianlu_mall.mapper.UserMapper;
import com.ygsoft.tianlu_mall.pojo.User;
import com.ygsoft.tianlu_mall.service.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.Set;

public class ShiroRealm extends AuthorizingRealm{
    @Autowired
    private UserMapper userMapper;
    @Autowired
    private UserService userService;

    public UserService getUserService() {
        return userService;
    }

    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        //1.从PrincipalCollection 中获取登录用户的信息
        //2.利用登录的用户的信息来用户当前用户的角色权限（可能需要查数据库）
        //3.创建SimpleAuthorizationInfo
        //4.返回SimpleAuthorizationInfo 对象
        System.out.println("进入授权方法");
        String user_name = (String)principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        Set<String> roles = userService.findRoles(user_name);
        for (String role : roles) {
            System.out.println("角色");
            System.out.println(role);
        }
        Set<String> permissions = userService.findPermissions(user_name);
        for (String permission : permissions) {
            System.out.println("权限");
            System.out.println(permission);
        }
        authorizationInfo.setRoles(userService.findRoles(user_name));
        authorizationInfo.setStringPermissions(userService.findPermissions(user_name));
        for(int i = 0; i<authorizationInfo.getRoles().size();i++){
            System.out.println(authorizationInfo.getRoles());
        }
        for(int i = 0; i<authorizationInfo.getStringPermissions().size();i++){
            System.out.println(authorizationInfo.getStringPermissions());
        }
        return authorizationInfo;
    }
//授权认证



    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
         UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
         String user_name = usernamePasswordToken.getUsername();
//        String user_password = String.valueOf(usernamePasswordToken.getPassword());
        //1
//        String user_name = token.getPrincipal().toString();
//        String user_password = new String(usernamePasswordToken.getPassword());
        User user = userMapper.findbyusername(user_name);
        if("unknown".equals(user)) {
            throw new UnknownAccountException("账号或密码错误");
        }
        if("monster".equals(user)){
            throw new LockedAccountException("用户被锁定");
        }
        if(null == user){
            throw new AuthenticationException("账号为空");
        }

        ByteSource credentialsSalt = ByteSource.Util.bytes(user.getSalt());
        //以下信息从数据库表中获取得到
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
                user.getUser_name(), user.getUser_password(),credentialsSalt,this.getName());
        return simpleAuthenticationInfo;

    }



//    public static void main(String[] args){
//        String hashAlgorithmName = "MD5";
//        Object credentials = "99";
//        Object salt = "02b26821b2bf626466555f4057f6a4d8";
//        int hashIterations = 1024;
//
//        Object result = new SimpleHash(hashAlgorithmName, credentials, salt, hashIterations);
//        System.out.print(result);
//    }
}
